class Security::PeopleController < ApplicationController  
  # GET /security/people
  # GET /security/people.xml
  def index
    @title_view = 'Personas'
    @security_people = Security::Person.all
    respond_to do |format|
      format.html # index.html.erb
      format.xml  { render :xml => @security_people }
    end
  end

  # GET /security/people/1
  # GET /security/people/1.xml
  def show
    @security_person = Security::Person.find(params[:id])
    @title_view = 'Personas'
    respond_to do |format|
      format.html # show.html.erb
      format.xml  { render :xml => @security_person }
    end
  end

  # GET /security/people/new
  # GET /security/people/new.xml
  def new
    if (user_signed_in? && ([2].include?(current_user.role)))
    @security_person = Security::Person.new
    @title_view = 'Personas'
    respond_to do |format|
      format.html # new.html.erb
      format.xml  { render :xml => @security_person }
    end
    else
      respond_to do |format|
        format.html { redirect_to(new_user_session_path) }
      end
    end
  end

  # GET /security/people/1/edit
  def edit
    if (user_signed_in? && ([2].include?(current_user.role)))
    @security_person = Security::Person.find(params[:id])
    @title_view = 'Personas'
    else
      respond_to do |format|
        format.html { redirect_to(new_user_session_path) }
      end
    end
  end

  # POST /security/people
  # POST /security/people.xml
  def create
    if (user_signed_in? && ([2].include?(current_user.role)))
    @security_person = Security::Person.new(params[:security_person])
    @title_view = 'Personas'
    #@security_person.deleted = 0
    respond_to do |format|
      if @security_person.save
        format.html { redirect_to(@security_person, :notice => 'Se ha creado correctamente la persona.') }
        format.xml  { render :xml => @security_person, :status => :created, :location => @security_person }
      else
        format.html { render :action => "new" }
        format.xml  { render :xml => @security_person.errors, :status => :unprocessable_entity }
      end
    end
    else
      respond_to do |format|
        format.html { redirect_to(new_user_session_path) }
      end
    end
  end

  # PUT /security/people/1
  # PUT /security/people/1.xml
  def update
    if (user_signed_in? && ([2].include?(current_user.role)))
    @security_person = Security::Person.find(params[:id])
    @title_view = 'Personas'
    respond_to do |format|
      if @security_person.update_attributes(params[:security_person])
        format.html { redirect_to(@security_person,:notice => 'Se ha actualizado correctamente la persona.') }
        format.xml  { head :ok }
      else
        format.html { render :action => "edit" }
        format.xml  { render :xml => @security_person.errors, :status => :unprocessable_entity }
      end
    end
    else
      respond_to do |format|
        format.html { redirect_to(new_user_session_path) }
      end
    end
  end

  # DELETE /security/people/1
  # DELETE /security/people/1.xml
  def destroy
    if (user_signed_in? && ([2].include?(current_user.role)))
    @security_person = Security::Person.find(params[:id])
    mensaje = @security_person.erasable
    if mensaje.blank?
      @security_person.deleted = 1
      @security_person.save
    end
    respond_to do |format|
      format.html { redirect_to(security_people_url, :notice => mensaje) }
      format.xml  { head :ok }
    end
    else
      respond_to do |format|
        format.html { redirect_to(new_user_session_path) }
      end
    end
  end
end
